INSTRUCTIONS: CHOOSE THE BEST ANSWER FOR EACH OF THE FOLLOWING.

NOTE: Questions for Chapter 9 and 10 are mixed in this quiz

1. A method of sampling in which all the items in the population are divided into two or more sub-
population is
a. Variable sampling
b. Stratified sampling
c. Attribute sampling
d. Divisible sampling
2. A representation letter issued by a client.
a. Is essential for the preparation of the audit program.
b. Is a substitute for testing.
c. Does not reduce the auditor's responsibility.
d. Reduces the auditor's responsibility only to the extent it is relied upon.
3. Of the following statements, which one best differentiates statistical sampling from nonstatistical
sampling? 
Statistical sampling is a mathematical approach to inference, whereas nonstatistical sampling is a more
subjective approach.
Nonstatistical sampling has greater applicability to large populations than does statistical sampling.
Nonstatistical sampling is more subjective, but produces greater consistency in the application of audit
judgment.
Nonstatistical sampling has greater applicability to populations that lend themselves to random selection.
4. The method used to measure the estimated total error amount in a population when there is both a
recorded value and an audited value for each item in the sample is
Difference estimation.
Mean-per-unit estimation.
Ratio estimation.
Monetary-unit sampling.
5. The tolerable occurrence rate for a control test is generally 
Lower than the expected occurrence rate in the related accounting records.
Higher than the expected occurrence rate in the related accounting records.
Identical to the expected occurrence rate in the related accounting records.
Unrelated to the expected occurrence rate in the related accounting records.
6. The auditor communicates the results of his or her work through the medium of the 
a. Engagement letter
b. Audit report
c. Management letter
d. Financial statement
7. PSA 530 identifies two general approaches to audit sampling. They are
a. Random & nonrandom
b. Statistical & nonstatistical
c. Precision & reliability
d. Risk and nonrisk
8. Ambrose is auditing the financial statements of Mays (dated December 31, 2017). The date of the
auditor’s report is February 17, 2018, and the audit report release date is February 20, 2018. For
which of the following matters would Ambrose have the least responsibility?
a. The obsolescence of inventory held on December 31, 2017, that was identified on January 20, 2018.
b. A customer’s deteriorating financial condition that was identified on February 19, 2018.
c. A merger that was announced by Mays and known by Ambrose on February 12, 2018.
d. A major loss due to a catastrophe that occurred and was known by Ambrose on March 1, 2018.
9. Which of the following is not a term relevant to sampling for tests of details? 
Acceptable risk of incorrect rejection
Analysis of misstatements
Estimate misstatements in the population
Define the exception conditions
10. These consist of the analysis of significant ratios and trends including the resulting investigation of
fluctuations and relationship that are inconsistent with other relevant information or deviate from
predictable amount.
a. Financial statement analysis
b. Variance analysis
c. Analytical procedures
d. Regression analysis
11. Auditors frequently refer to the terms audit assurance, overall assurance, ad level of assurance to
refer to 
a. detection risk
b. audit report risk
c. acceptable audit risk
d. inherent risk
12. A major objective of written representations is to
a. Shift responsibility for financial statements from the management to auditors.
b. Provide a substitute source of audit evidence for substantive procedures that auditors would otherwise
perform.
c. Provide management an opportunity to make assertions about the quantity and valuation of the physical
inventory.
d. Impress on management its ultimate responsibility for the financial statements and disclosures.
13. In a sampling application, the group of items about which the auditor wants to estimate some
characteristic is called the
a.Population
b.Sample
c. Attribute of interest
d. Sampling unit
14. As the amount of misstatements expected in the population approaches tolerable misstatement, the
planned sample size will:
Decrease.
Increase.
Vary based on characteristics of the population.
Be unaffected.
15. Auditors who prefer statistical to non-statistical sampling believe that the principal advantage of
statistical sampling flows from its unique ability to
Define the precision required to provide adequate satisfaction.
Provide a mathematical measurement of risk.
Establish conclusive audit evidence with decreased audit effort.
Promote a more legally defensible procedural approach.
16. Which of the following statements concerning analytical review procedures at the completion of the
audit is false?
a. Analytical procedures help auditors assess the overall presentation of the financial statements.
b. The auditor’s expectations in final analytical procedures should be more precise than those for substantive
analytics.
c. Auditing standards require the use of analytical procedures in the final review phase of the audit to assist
in identifying ending account relationships that are unusual.
d. Ratio analysis, common-size analysis, and analysis of the peso and percentage changes in each income
statement item over the previous year are useful for performing final analytical procedures.
 17. While performing a substantive test of details during an audit, the auditor determined that the sample
results supported the conclusion that the recorded account balance was materially misstated. It was,
in fact, not materially misstated. This situation illustrates the risk of:
Incorrect rejection.
Incorrect acceptance.
Assessing control risk too low.
Assessing control risk too high.
18. What is the primary objective of using stratified sampling in auditing? 
To increase the confidence level at which a decision will be reached from the results of the sample selected.
To determine the occurrence rate for a given characteristic in the population being studied.
To decrease the effect of variance in the total population.
To determine the precision range of the sample selected.
19. After an auditor has issued an audit report on a nonpublic entity, there is no obligation to make any
further audit tests or inquiries with respect to the audited financial statements covered by that report
unless
a. New information comes to the auditor's attention concerning an event that occurred prior to the date of the
auditor's report that may have affected the auditor's report.
b. Material adverse events occur after the date of the report.
c. Final determination or resolution was made on matters that had resulted in a qualification in the auditor's
report.
d. Final determination or resolution was made of a contingency that had been disclosed.
20. Principal methods of sampling selection include all of the following except
a. Haphazard
b. Random number
c. Systematic
d. Statistical
21. The process which requires the calculation of an interval and them selects the items based on the size
of the interval is
a. Statistical sampling
b. Systematic selection
c. Random selection
d. Computerized selection
22. Which of the following best describes the role of analytical procedures near the end of the audit
engagement?
a. To identify possible deficiencies in the client’s internal control over financial reporting.
b. To identify accounts that appear to be misstated with the intention of planning the nature, timing, and
extent of other substantive procedures.
c. To gather evidence to support one or more assertion(s) related to the account balance or class of
transactions.
d. To provide an overall review of the financial information and assessment of the adequacy of evidence
gathered during the audit engagement.
23. An auditor accepted an engagement to audit the 2020 financial statements of ABC Corporation and
began the fieldwork on September 30.  ABC gave the auditor the 2020 financial statements on
January 17, 2021.  The auditor completed the fieldwork on February 10, 2021, and delivered the
report on February 16, 2021.  The client's representation letter normally would be dated.
a. December 31, 2020.
b. January 17, 2021.
c. February 10, 2021.
d. February 16, 2021.
24. Audit sampling for test of control is generally appropriate when
a. Control leaves evidence of performance
b. Control leaves no evidence of performance
c. 100% of the transactions is tested
d. Examining specific high value items in the population
25. If the audit client is yet to make a going concern assessment regarding its operations, which of the
following procedures is the best for the auditor to do?
a. Decide whether to express a modified opinion or not.
b. Withdraw from the audit engagement.
c. Request the management to do the assessment.
d. Do the assessment for the management as part of preservation of client relationship.
26. After the audit report release date, auditors determine that an important auditing procedure was
omitted. Which of the following initial courses of action is most appropriate?
a. Perform the omitted procedure or an alternative procedure.
b. Notify the board of directors and regulatory agencies that are currently relying on auditor’s reports.
c. Determine whether the omitted procedure is important in supporting the auditor’s opinion on the entity’s
financial statements.
d. Engage another public accounting firm to conduct a quality assurance review.
27. This involves the application of the procedures to less than 100% of the items within an account
balance or class of transactions. This enables the auditor to obtain and evaluate audit evidence about
some characteristics of the selected items in order to form an opinion about the characteristics of all
items supporting an account balance or transaction class.
a. Audit techniques
b. Selective testing
c. Audit sampling
d. Specific identification
28. Which of the following is not a subsequent events procedure?
a. Review available interim financial information.
b. Read available minutes of meetings of stockholders and directors.
c. Make inquiries with respect to the financial statements covered by the auditor's previously issued report if
new information has become available during the current examination that might affect that report.
d. Discuss with officers the status of items in the financial statements that were accounted for based on
tentative, preliminary, or inconclusive data
29. When auditors sample for tests of details of balances, the objective is to determine whether the
Account balance being audited is fairly stated.
Transactions being audited are free of misstatements.
Controls being tested are operating effectively.
Transactions and account balances being audited are fairly stated.
30. Which of the following does not have to be considered in determining the initial sample size of a test
of details
tolerable misstatement
acceptable risk of incorrect rejection
estimate of misstatements in the population
acceptable audit risk
31. Which of the following is an element of sampling risk?
Choosing an audit procedure that is inconsistent with the audit objective.
Choosing a sample size that is too small to achieve the sampling objective.
Failing to detect an error on a document that has been inspected by the auditor.
Failing to perform audit procedures that are required by the sampling plan.
32. Which of the following is not a likely item on which to apply stratification techniques?
aging of accounts receivable
dollar value of accounts receivable
customer names of account receivables
number of sales per customer in a period
33. Hall accepted an engagement to audit the year 1 financial statements of XYZ Company. XYZ
completed the preparation of the year 1 financial statements on February 13, year 2, and its auditors
began the fieldwork on February 17, year 2. Hall completed gathering sufficient appropriate
evidence on March 24, year 2; Hall’s report and XYZ’s financial statements were released on March
28, year 2. The written representations normally would be dated.
a. February 13, year 2.
b. February 17, year 2.
c. March 24, year 2.
d. March 28, year 2.
34. Audit sampling for substantive tests is appropriate when
a. Analytical procedures are used
b. The auditor wants to eliminate sampling risks
c. A population contains small number of large value items
d. Tests of details are performed
35. The relationship between sample size and the allowable sampling risks is
a. Direct
b. Inverse
c. Sample deviation rate
d. Expected deviation rate
36. A sample in which every possible combination of items in the population has a chance of
constituting the sample is a
a. Representative sample
b. Random sample
c. Statistical sample
d. Judgment sample
37. The deviation rate the auditor expects to find in the population, before testing begins, is called the
a. Tolerable deviation rate
b. Computer upper deviation rate
c. Sample deviation rate
d. Expected deviation rate
38. Which of the following statistical sampling plans does not use a fixed sample size for tests of
controls?
a. PPS sampling
b. Value-weighted sampling
c. Sequential sampling
d. Variables sampling
39. Which of the following sampling plans would be designed to estimate a numerical measurement of a
population such as peso value?
a. Monetary Unit sampling
b. Sampling attributes
c. Discovery sampling
d. Sampling for variables
40. Which of the following statements is not true with respect to written representations?
a. The failure of management to furnish them is a significant scope limitation, resulting in either an adverse
opinion or a disclaimer of opinion.
b. They should address management’s responsibility for designing internal control to prevent and detect
fraud.
c. Auditors use them to corroborate information received during the audit from the client and its employees.
d. They are dated close to but before the auditor’s report date.
 41. When auditing contingent liabilities, which of the following procedures would be least effective?
a. Reading the minutes of the board of directors.
b. Reviewing the bank confirmation letter.
c. Examining invoices for professional services.
d. Examining customer confirmation replies.
42. The audit inquiry letter to the client's legal counsel should be mailed only by the
a. Client after the auditor has reviewed it for appropriate content.
b. Auditor after preparation by the client and review by the auditor.
c. Auditor's attorney after preparation by the client and review by the auditor.
d. Client after review by the auditor's attorney.
43. Which of the following statements about analytical procedures is incorrect?
a. Analytical procedures are required to be performed in the planning phase of the audit.
b. Analytical procedures are required to be done during the testing phase of the audit.
c. Analytical procedures are required to be done during the completion phase of the audit.
d. Analytical procedures may be performed in the planning, testing and completion phases of the audit.
44. The maximum amount of error in a population that the auditor is willing to accept is referred to as
the
a. Acceptable risk
b. Tolerable error
c. Expected error
d. Tolerable materiality
45. Value weighted sampling is most appropriate when the auditor
a. Anticipates understatement errors
b. Expects no errors
c. Anticipate overstatement errors
d. Has assessed control risk at high level
46. In assessing sample risk, alpha risk relate to the
a. Efficiency of the audit
b. Selection of the sample
c. Effectiveness of the audit
d. Audit quality controls
47. Which of the following material events occurring after the December 31, 2020, balance sheet would
not ordinarily result in an adjustment to the financial statements before they are issued on March 2,
2021?
a. Write-off of a receivable from a debtor who had suffered from a deteriorating financial condition for the
past six years. The debtor filed for bankruptcy on January 23, 2021.
b. Acquisition of a subsidiary on January 23, 2021. Acquisition had begun in December 2020.
c. Settlement of extended litigation on January 23, 2021, more than the recorded year-end balance.
d. A 3-for-5 reverse stock split effective on January 23, 2021.
48. If the auditor is concerned that a population may contain exceptions, the determination of a sample
size sufficient to include at least one such exception is a characteristic of
a. Discovery sampling
b. Random sampling
c. Variables sampling
d. Peso-unit sampling
49. Auditors have a responsibility related to management’s disclosure of new information related to
subsequent events until
a. The date of the financial statements.
b. The date of the auditor’s report.
c. The audit report release date.
d. The following year’s date of the financial statements.
 50. The final step in the evaluation of the audit results is the decision to
Accept the population as fairly stated or to require further action.
Determine sampling error and calculate the estimated total population error.
Project the point estimate.
Determine the error in each sample.
The following statements relate to a review of financial statements. Which is incorrect?
*
a. The objective of a review of financial statements is to enable a practitioner to state whether, based on
procedures which do not provide all the evidence that would be required in an audit, anything has come to
the practitioner's attention that causes the practitioner to believe that the financial statements are not
prepared, in all material respects, in accordance with an identified financial reporting framework.
b. A review ordinarily involves an assessment of accounting and internal control systems, tests of records,
and of responses to inquiries by obtaining corroborating evidence through inspection, observation,
confirmation, and computation.
c. A review comprises inquiry and analytical procedures are designed to review the reliability of an assertion
that is the responsibility of one party for use by another party.
d. The level of assurance provided in a review report is las than that given in an audit report.
Typical controls developed for manual systems which are still important in IT systems include:

*
a. transactions are properly authorized.
b. personnel are honest and well trained.
c. careful and complete preparation of source documents.
d. all the above are important.
These are controls intended to guarantee that the info processed by the computer is approved, complete, and
precise are called:
*
a. input controls.
b. processing controls.
c. output controls.
d. general controls.
GAS or Generalized audit software packages do all the tasks below except

*
a. precomputations data fields
b. compares files and identify differences.
c. stratifies statistical samples.
d. analyzes results and form opinions.
Evidence are generally considered sufficient when:

*
a. it is appropriate.
b. there is enough of it to afford a reasonable basis for an opinion on financial statements.
c. it has the qualities of being relevant, objective, and free from unknown bias.
d. it has been obtained by random selection.
The most important output control is:
*
a. segregation of duties between the data librarian and the bookkeeper
b. analytical review of reports and outputs for reasonableness by someone who knows what the output
should look like.
c. Control totals
d. Logic tests
When processing controls within the accounting information system may not leave visible evidence that
could be inspected by audit teams, the teams should.

*
a. Make corroborative inquiries.
b. Observe the separation of duties of personnel.
c. Review transactions submitted for processing and compare them to related output.
d. Review the run manual.
A report on factual findings is the end product of the auditor when performing:
*
a. Audit.
b. Review.
c. Agreed-upon procedures.
d. Compilation.
The subject matter of an assurance engagement can take the following forms except

*
a. The entity's internal control.
b. Historical or prospective financial statements.
c. Performance of an entity that could indicate efficiency and effectiveness.
d. Evaluation of a capital investment proposal.
The following are associated when converting from a manual system to an IT system, except?

*
a. Data are now centralized.
b. Permits greater quality and constant controls over operations.
c. It may eliminate the control provided by division of duties of independent persons who perform related
functions and compare results.
d. The bookkeeping function is now placed under the CIS department.
Which of the following computer-assisted auditing techniques processes client input data on a copy of a
program that the client uses under the auditor’s control to test controls in the computer system?

*
a. Blackbox approach
b. Test data approach
c. Integrated test facility
d. Controlled reprocessing.
You own Dude, Inc., which manufactures wooden tables. You need to hire some accountants to prepare your
monthly financial statements. The preparation of your financial statements is referred to as a(n):
*
a. Audit.
b. Compilation.
c. Review.
d. Special report
Which of the following statements is false about the integrated test facility (ITF).

*
a. Actual reports are affected by ITF transactions.
b. The databases contain "dummy" records integrated with legitimate records.
c. It permits ongoing application auditing.
d. It does not interrupt auditee’s operations or necessitate the involvement of IT personnel.
A practitioner should accept an assurance engagement only if

*
a. The subject matter is the responsibility of either the intended users or the practitioner.
b. The subject matter is in the form of financial information.
c. The practitioner's conclusion is to be contained in a written report.
d. The criteria to be used are not available to the intended users.
Which of the following statements is true concerning evidence in an assurance engagement?

*
a. The reliability of evidence is influenced not by its nature but by its source.
b. Sufficiency is the measure of the quantity of evidence.
c. Obtaining more evidence may compensate for its poor quality.
d. Appropriateness is the measure of the quality of evidence, that is, its reliability and persuasiveness.
Testing the input and output of a computer system instead of the computer program itself will

*
a. Unable to discover program errors which are not present in the output sample.
b. Identify all program errors, regardless of the nature of the output.
c. Give the auditor with the same type of evidence.
d. Not give confidence to the auditor in the results of the subsequent audit procedures.
An advantage of a computerized systems is that the computer can automate transactions. Which of the
following activities would not be an appropriate candidate for automatic computer initialization?

*
a. Interest on customer accounts in a bank which calculated periodically.
b. Ordering inventory at preset order levels in a manufacturing facility
c. Periodic calculation of depreciation for which the entity uses the straight-line method.
d. Sales for a customer whose operations are seasonal in nature.
In an assurance engagement, this refers to the information obtained by the practitioner in arriving at the
conclusions on which the conclusion is based.
*
a. Generally accepted auditing standards
b. Assertions
c. Criteria
d. Evidence
Un-reliance by the auditors on a detailed knowledge of the application's internal logic, they are performing.
*
a. auditing around the computer
b. parallel simulation
c. test of data
d. CAATs
When performing a compilation engagement, the accountant is required to
*
a. Make inquiries of management to assess the reliability and completeness of the information provided.
b. Assess internal controls.
c. Verify matters and explanations.
d. Obtain a general knowledge of the business and operations of the entity.
These are independent professional services that improve the quality of information for decision making.
*
a. Management consultancy
b. Audit services
c. Assurance services
d. Attestation services
A human resource employee accidentally entered "40" in the "hours worked per day" field. What type of
data entry control would most likely catch this error?

*
a. financial totals
b. field check
c. limit check
d. validity check
The following assertions regarding general controls are correct except?

*
a. Data disaster recovery plans should find alternate hardware to process data.
b. Successful IT development efforts require the involvement of IT department and user department.
c. The CIS director should report to appropriate level of management and the board of directors.
d. Programmers should have access to computer operations to aid users in resolving problems.
This type of audit is made to determine whether the client is following procedures or rules promulgated by
some higher authority.
*
A. external audit
B. compliance audit.
C. internal audit.
D. controls audit.
An auditor want to assess the risk in a computerized environment. Under these circumstances on which of
the following activities would the auditor initially focus?

*
a. Errors and fraud
b. Application controls
c. Controls over outputs
d. General controls
Which of the items below is not an example of a white box approach?

*
a. ascertaining the fair market value of ending inventory.
b. reviewing the codes of the computer software.
c. testing the system by processing valid and invalid data.
d. transaction tagging
Creating simulated transactions that are processed through a system to generate results that are compared
with predetermined results, is an auditing procedure referred
*
a. Audit Modules
b. Use of test data.
c. SCARFs
d. Parallel simulation.
Which of the following statements concerning compilation engagement is incorrect?
*
a. In a compilation engagement, the accountant is engaged to use accounting expertise as opposed to
auditing expertise to collect, classify, and summarize financial information.
b. A compilation engagement ordinarily entails reducing detailed data to a manageable and understandable
form without a requirement to test the assertions underlying that information.
c. Users of the compiled financial information derive some benefit because of the accountant's involvement
because the service has been performed with due professional skill and care.
d. The procedures employed in a compilation engagement enable the accountant to express a moderate level
of assurance on the compiled financial information.
Which of the following statements is true?
*
a. The degree or level of assurance that may be provided by the practitioner is inversely related to the scope
of procedures performed and their results.
b. Assurance engagements do not require independence.
c. The term "auditor" is broader in scope compared to the term "practitioner."
d. Assurance engagements performed by professional accountants are intended to enhance the credibility of
information.
There should be a proper segregation of duties within the IT department. With this, programmers should do
all but which of the following?

*
a. Perform testing of programs for proper performance.
b. Evaluate legitimacy of transaction data input.
c. Develop flowcharts for new applications.
d. Programmers should perform each of the above.
Which of the following statements concerning the assurance engagement's three-party relationships is
incorrect?
*
a. The responsible party and intended users may be from different entities or the same entity.
b. The term "practitioner" as used in the Framework for Assurance Engagements is broader than the term
"auditor" as used in PSAs and PSREs.
c. An entity's senior management (the responsible party) may engage a practitioner to perform an assurance
engagement on a particular aspect of the entity's activities that is the immediate responsibility of a lower
level of management (the intended user).
d. In an assertion-based engagement the responsible party is responsible for the subject matter information
(the assertion) and may be responsible for the subject matter.
The most likely concern of an auditor regarding controls in a distributed data processing system is?
*
a. Control over hardware
b. Systems documentation controls
c. Access controls
d. Data recovery controls
Analysis of results of the test data method, the auditor would spend the least amount of time reviewing.
*
a. fictitious transactions or test transactions
b. error log reports
c. program of the system
d. output reports
Non Assurance engagements include all of the following except
*
a. Agreed Upon procedures.
b. Management consulting.
c. Preparation of tax returns where no conclusion is expressed.
d. Compliance audit.
This means that two tasks cannot be done by one person only as it may open a window for fraudulent events
or erroneous recordings.

*
a. Segregation of duties
b. Incompatible duties
c. Concentration of duties
d. Compatible duties
An auditor would want to know that username and password controls are working, he would most likely:

*
a. Try to sign into the system using false user credentials and passwords.
b. Make a computer program that simulates the logic of the client’s access control software.
c. Obtain a random sample of processed transactions and ensure that the transactions were appropriately
authorized.
d. Examine statements signed by employees stating that they have not divulged their user identifications and
passwords to any other person.
Who is responsible for the preparation of company’s financial statements in accordance with the applicable
reporting framework.

*
a. the entity’s management
b. the entity’s audit committee
c. the entity’s internal auditor
d. the entity’s board of directors
The objective of a review of financial statements is to:

*
a. Express an opinion on the overall financial statements.
b. Carry out audit procedures agreed on with the client and other users of report
c. State whether anything has come to the auditor's attention that indicates that the financial statements are
not presented fairly.
d. Assist the client in the preparation of the financial statements.
All the concepts below are related with the auditing around the computer to except.
*
a. the program need not be removed from service and tested directly and put it back again after the test.
b. there is un-reliance by the auditors on a detailed knowledge of the application's internal logic.
c. the auditor compares predetermined output results with production input transactions.
d. this approach is used for complex transactions that receive input from many sources.
Which of the following statements best describes review services?
*
a. Review engagements focus on providing assurance on the internal controls of a public company.
b. Review engagements focus on providing assurance on the assertions contained in the financial statements
of a public company.
c. Review engagements focus on providing advice in a three party contract.
d. Review engagements focus on providing limited assurance on financial statements of a private company.
Auditors are creating their own flowcharts of a client’s system when doing the audit, this a graphical
representation that depicts the auditor’s:
*
a. plans for tests of controls.
b. understanding of the CIS system.
c. comprehension of the types of errors that are probable given the present system.
d. documentation of the technical study and evaluation of the system
Which of the following statements is true?

*
a. When testing controls, auditors should assess application controls first before evaluating general controls.
b. When testing controls, auditors should assess application controls and general controls at the same time.
c. When testing controls, auditors should evaluate general controls first before assessing application
controls.
d. All of these are false.
When using test data, why are audit teams required to prepare only one transaction to test each IT control?

*
a. The speed and efficiency of the computer results in reduced sample sizes.
b. The risk of misstatement is typically lower in an IT environment.
c. Audit teams generally perform more extensive substantive testing in an IT environment, resulting in less
need to test processing controls.
d. In an IT environment, each transaction is handled in an identical manner.
An unqualified conclusion is not appropriate for either reasonable or limited assurance engagement when:
I. Circumstances prevent the practitioner from obtaining evidence required to reduce assurance engagement
risk to the appropriate level.
II. The responsible party or the engaging party imposes a restriction that prevent the practitioner from
obtaining evidence required to reduce assurance engagement risk to the appropriate level.
*
a. I only
b. II only
c. Either I or II
d. Neither I nor II
Which of the following services provides a moderate level of assurance about the client's financial
statements?
*
a. Forecasts and projections
b. Compliance with contractual agreement
c. Review
d. Compilation
The following are the elements of an assurance engagement except

*
a. Suitable criteria
b. An appropriate subject matter
c. A two-party relationship involving a practitioner and intended users.
d. Sufficient appropriate evidence
Appropriateness of evidence is a measure of the:
*
a. quantity of evidence.
b. quality of evidence.
c. sufficiency of evidence.
d. meaning of evidence.
These are controls prevent and detect errors while transaction data are transformed into output.

*
a. General Controls
b. Controls over data entry and input
c. Processing Controls
d. Internal Controls
What type of assurance engagement is involved when the practitioner expresses a positive form of
conclusion?
*
a. Negative assurance engagement
b. Limited assurance engagement
c. Reasonable assurance engagement
d. Absolute assurance engagement
When auditors consider only the data placed in the system and the reports or output related to the data, this
is known as:

*
a. white-box approach
b. test data approach.
c. black-box approach
d. generalized audit software approach.
The report on an agreed upon procedures engagement should contain:
*
a. A general description of the procedures performed.
b. An expression of positive assurance based on the specific procedures performed.
c. A statement that the auditor is independent of the entity.
d. Identification of the purpose for which the agreed-upon procedures were performed.
Which of the following is incorrect regarding a compilation engagement?
*
a. The CPA uses his auditing expertise to collect, classify and summarize financial information.
b. The CPA should exercise due care.
c. The engagement ordinarily entails reducing detailed data to a manageable and understandable form.
d. The procedures performed do not enable the accountant to express any form of assurance.
The information obtained by the auditor in arriving at the conclusions on which the audit opinion is based is
called:
*
a. Audit working papers.
b. Audit assertions
c. Audit evidence
d. Audit standards
One of the disadvantages of having a CIS environment is.
*
a. Data can be accessed easily.
b. Computer systems are programmed to perform uniform commands if the system was developed properly.
c. Automated transactions for depreciation and other recurring transactions
d. Data are prone to loss.
Compilation is an example of which one of the following types of services?
*
a. Auditing
b. Accounting
c. Consulting
d. Review
Which of the following is not an element of an assurance engagement?

*
a. An appropriate subject matter
b. Suitable criteria
c. Sufficient appropriate evidence
d. Substantial engagement fee
A continuous audit technique where a transaction record is "tagged" and then traced through critical points
in the information system.

*
a. Audit Modules
b. Systems control audit review files (SCARFs)
c. Audit Hooks
d. Transaction tagging
In performing attestation services, a CPA will normally:
*
a. Recommend uses for information.
b. Improve the quality of information, or its context, for decision makers.
c. Perform market analysis and cost estimate.
d. States a conclusion about a written assertion.
A review of a company's financial statements by a CPA firm:
*
a. Is similar in scope to an audit and adds similar credibility to the statements.
b. Is significantly las in scope than an audit and results in a report which provides positive assurance,
although not absolute assurance.
c. Concludes with the issuance of a report expressing the CPA's opinion as to the fairness of the financial
statements.
d. Is designed to provide only moderate assurance.
Audit teams can obtain evidence of the proper functioning of password access control to an accounting
information system by

*
a. Writing a computer program that simulates the logic of an effective password control system.
b. Selecting a random sample of the client’s completed transactions to check the existence of proper
authorization.
c. Attempting to sign on to the accounting information system with a false password.
d. Obtaining representations from the client’s computer personnel that the password control prevents
unauthorized entry.
Adequate control over access to data processing is required to:

*
a. Prevent improper use or manipulation of data files and programs.
b. Ensure that only console operators have access to program documentation.
c. Minimize the need for backup data files.
d. Ensure that hardware controls are operating effectively and as designed by the computer manufacturer.
Which input control check would detect a posting to the wrong customer account?

*
a. limit check
b. field check
c. key verification
d. hash totals
Which of the below items is an illustration of a data input mistake correction technique?
*
a. immediate correction
b. rejection of batch
c. creation of error log file
d. all are examples of input error correction techniques.
The term "accountant" has been used by Auditing and Assurance Standards Council to refer to a CPA in
public practice who is engaged to:
*
a. Audit financial statements.
b. Review financial statements.
c. Apply agreed upon procedures.
d. Compile financial statements.
Distribution of a report is always restricted when:
*
a. Negative assurance is given.
b. There is a positive expression of opinion.
c. A review has been performed.
d. Agreed-upon procedures have been performed.
For expressing negative assurance in the review report, the practitioner should obtain sufficient appropriate
evidence primarily through

*
a. Inquiry and confirmation
b. Analytical procedures and substantive tests of details of transactions and account balances
c. Confirmation and tests of controls
d. Inquiry and analytical procedures
A feature of CIS is uniformity and consistency of data processing. Therefore, there is a risk that:

*
a. Data cannot be accessed by auditors.
b. Auditors do not have the ability to determine if data is processed consistently.
c. Processing errors can result in the buildup of a huge number of misstatements.
d. All the above.
What assurance is provided by the auditor in an agreed upon procedures engagement?
*
a. No assurance.
b. Low.
c. Moderate.
d. Reasonable.
Typical controls developed for manual systems which are still important in IT systems include:

*
a. transactions are properly authorized.
b. personnel are honest and well trained.
c. careful and complete preparation of source documents.
d. all the above are important.
Which of the following is a class of general controls?

*
a. Controls over computer data processing.
b. Controls over data loss and recovery
c. Controls over data entry and input.
d. Control over reports generated by the system.
GAS or Generalized audit software is of key interest to the auditor in terms of its capability to
*
a. Access information stored on computer files.
b. Select a sample of items for testing.
c. Evaluate sample test results.
d. Test the accuracy of the client's calculations.
All the following are advantages of using IT-based controls, except?

*
a. Voluminous transactions can be processed faster.
b. Replacement of manual controls with computer-based controls.
c. Misstatements is reduced due to consistent processing of transactions.
d. Over-dependence on reports generated by computer.
In assertion-based assurance engagements, the evaluation or measurement of the subject matter against
criteria is performed by the
*
a. Intended users
b. Responsible party
c. Practitioner
d. AASC
For assurance engagements which are neither audits nor reviews of historical financial information, the
following standard applies:
*
a. PSAs
b. PSREs
c. PSAEs
d. PSRSs
Which of the following is an assurance service?
*
a. Performance measurement regarding efficiency and effectiveness of operations
b. Systems design and installation
c. Tax planning
d. Personal financial planning
The subject matter of an assurance engagement may include
I. Historical or prospective financial information
II. Internal controls
III. Compliance with regulation
*
a. I and II only
b. I and III only
c. II and III only
d. I, II, and III
Criteria that are embodied in laws or regulations, or issued by authorized or recognized bodies of experts
that follow a transparent due process are called:

*
a. Suitable criteria
b. General criteria
c. Established criteria
d. Specifically developed criteria
New systems developed are to be tested before they are placed in actual operations, this test approach is
called:

*
a. pilot testing.
b. horizontal testing.
c. integrative testing.
d. parallel testing.
Which of the following best describes relationships among auditing, attest and assurance services?
*
a. Attest is a type of auditing service.
b. Assurance is a type of attest service.
c. Auditing is a type of assurance service.
d. Auditing and attest services represent two distinctly different types of services.
Which of the following is less likely to be used by auditors in obtaining an understanding of client general
controls?
*
a. Analysis of system documentation
b. Inquisition of client personnel
c. Inspection of transaction processing
d. Evaluations of questionnaires completed by client IT personnel.